Sonatype DepShield is a GitHub App used by developers to identify and remediate vulnerabilities in their open source dependencies.
Open Source projects work diligently to fix disclosed vulnerabilities. Why shouldn't your project be powered with the knowledge of when and where these vulnerabilities exist and how to eradicate them?
Shield Your Project
DepShield will monitor your project's dependencies for publicly disclosed security vulnerabilities and alert you natively in GitHub when they are discovered.
Powered By OSS Index
Security vulnerability data is powered by Sonatype OSS Index, a free service used by developers to identify open source dependencies and determine if there are any known, publicly disclosed, vulnerabilities.